Using Fastly with apex domains

Last updated April 17, 2017

Some customers use only their second level or apex domain (e.g., example.com rather than www.example.com) as their canonical domain. Due to limitations in the DNS specification, we don't recommend placing a CNAME record at the apex domain or using the CNAME Flattening (e.g., ALIAS or ANAME) features offered by some DNS providers. Instead, we offer Anycast IP addresses for content that must be hosted on a second-level or apex domain.

Where problems exist and why

The DNS instructions in RFC1034 (section 3.6.2) state that, if a CNAME record is present at a node, no other data should be present. This ensures the data for a canonical name and its aliases cannot be different. Because an apex domain requires NS records and usually other records like MX to make it work, setting a CNAME at the apex would break the "no other data should be present" rule.

In general, the problem with apex domains happens when they fail to redirect to their www equivalents (example.com points nowhere instead of pointing to www.example.com). A couple of workaround options exist:

Only use Fastly for API or AJAX calls, images, and other static assets (e.g., serve example.com yourself and CNAME to Fastly for assets at assets.example.com)

Redirect from the apex domain to the version proxied by Fastly (e.g., redirect any requests for example.com to www.example.com)

Neither of these workarounds, however, are ideal.

Anycast option

Fastly can provide Anycast IP addresses for content that must be hosted on a second-level or apex domain. We do not charge extra for this service, however, you must be using one of Fastly's paid plans (with or without a contract) in order to take advantage of it. Also, if you do use Anycast IP addresses, using these IPs may result in higher rates.

Our Anycast option allows you to add A records that point your apex domain at Fastly. If the Fastly Anycast IP addresses change we will notify you at status.fastly.com. Because Anycast doesn't give us as much flexibility in routing your requests, this option may not be as performant as our CNAME-based system. We recommend you use our CNAME-based system for as much content as possible, particularly for large files or streaming video.